JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.22.87.21

149.22.87.21 was found in our database!

This IP was reported 49 times. Confidence of Abuse is 40%: ?

40%

ISP	DataCamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-149-22-87-21.datapacket.com
Domain Name	datacamp.co.uk
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.22.87.21

Whois 149.22.87.21

IP Abuse Reports for 149.22.87.21:

This IP address has been reported a total of 49 times from 27 distinct sources. 149.22.87.21 was first reported on September 16th 2024, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-27 21:20:43 (1 hour ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 17:20:35.650494 2026] [security2:error] [pid 20952:tid 20952] [client 149.22.87.21:42081] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|eurosoni.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "eurosoni.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akA-o_RHXEGS28jc9lKNjAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 20:24:39 (2 hours ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 16:24:32.201992 2026] [security2:error] [pid 2917:tid 2917] [client 149.22.87.21:57539] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.rimworld.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.rimworld.com"] [uri "/notra/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akAxgDHIWmso7FG3tczXTQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 19:53:54 (3 hours ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 15:53:49.178113 2026] [security2:error] [pid 8537:tid 8575] [client 149.22.87.21:21849] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.east-lease.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.east-lease.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akAqTS1Qlt7Da97fOgrIzwAAANU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 19:11:24 (4 hours ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 15:11:19.518846 2026] [security2:error] [pid 17570:tid 17570] [client 149.22.87.21:61445] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.fritsknuf.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.fritsknuf.com"] [uri "/blog/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akAgV6caJ7gpoWnno7X8swAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 03:01:03 (20 hours ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 23:00:55.831735 2026] [security2:error] [pid 6164:tid 6164] [client 149.22.87.21:63013] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|red-jacket.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "red-jacket.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8853P4ZXT4QM9ILbPVCAAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 01:43:11 (21 hours ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 21:43:06.893111 2026] [security2:error] [pid 8166:tid 8166] [client 149.22.87.21:55841] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.beechleafdesign.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.beechleafdesign.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8qqscUIgdIc62_xI7J5gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 01:13:04 (22 hours ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 21:12:58.873571 2026] [security2:error] [pid 13715:tid 13715] [client 149.22.87.21:44261] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|theneighborswindow.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "theneighborswindow.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8jmqK6W4nMxKTX9u356AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-06-27 00:10:54 (23 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 23:48:28 (23 hours ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 19:48:24.329999 2026] [security2:error] [pid 10648:tid 10671] [client 149.22.87.21:56153] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|coloradosellers.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "coloradosellers.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8PyLghAbQdX-OMROvbegAAANU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 08:50:41 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 04:50:34.630709 2026] [security2:error] [pid 458:tid 458] [client 149.22.87.21:0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|chaitanyaconsult.in\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "chaitanyaconsult.in"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj49WnGjbuKU44lnKvQqLQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 22:08:30 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 18:08:25.849220 2026] [security2:error] [pid 24133:tid 24133] [client 149.22.87.21:52557] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.lindaporcello.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.lindaporcello.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajxVWUTfPGznrWX0OGjCSQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 YF	2026-06-24 08:05:15 (3 days ago)	Attaque distribuée subnet	DDoS Attack Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 05:36:46 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 01:36:39.705059 2026] [security2:error] [pid 9265:tid 9265] [client 149.22.87.21:44511] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.chriseaton.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.chriseaton.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajts5z6JOxn7BksH5RsNkgAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 04:30:52 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.21 (unn-149-22-87-21.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 00:30:45.951026 2026] [security2:error] [pid 10696:tid 10696] [client 149.22.87.21:23785] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.domainexecs.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.domainexecs.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajtdde1lLisjwVIoKCpNCwAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-24 04:17:23 (3 days ago)	[Firewall Canary] Temporary ban due to firewall rule match [URI:/vendor/]	Bad Web Bot Web App Attack

Showing 1 to 15 of 49 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇱🇰 220.247.236.32

🇺🇸 20.121.46.95

🇭🇺 2a0d:3344:3617:500::f1a

🇨🇳 218.13.26.42

🇰🇷 61.97.17.208

🇨🇭 51.107.70.90

🇧🇷 43.164.195.160

🇸🇬 20.212.52.137

🇭🇺 188.143.95.148

🇺🇸 181.215.182.48

🇺🇸 173.236.255.109

🇺🇸 162.243.228.110

🇨🇳 115.190.44.249

🇮🇳 59.97.206.52

🇰🇷 58.224.62.29

🇺🇸 45.33.46.249

🇮🇩 43.245.248.2

🇸🇬 43.134.185.43

🇨🇳 14.103.118.61

🇯🇵 8.216.13.122